From d80b44003ca03cd09bf28278bf2e243581c00332 Mon Sep 17 00:00:00 2001
From: transtrike
Date: Wed, 16 Dec 2020 10:23:15 +0200
Subject: Fixed GetById to return only public info
---
 src/DevHive.Web/Controllers/UserController.cs | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)
(limited to 'src/DevHive.Web/Controllers/UserController.cs')
diff --git a/src/DevHive.Web/Controllers/UserController.cs b/src/DevHive.Web/Controllers/UserController.cs
index f241409..74eccd4 100644
--- a/src/DevHive.Web/Controllers/UserController.cs
+++ b/src/DevHive.Web/Controllers/UserController.cs
@@ -1,6 +1,7 @@
 using System;
 using System.Threading.Tasks;
 using AutoMapper;
+using DevHive.Data.Models;
 using DevHive.Data.Repositories;
 using DevHive.Services.Models.Identity.User;
 using DevHive.Services.Options;
@@ -46,7 +47,9 @@ namespace DevHive.Web.Controllers
 [HttpGet]
 public async Task GetById(Guid id)
 {
- return await this._userService.GetUserById(id);
+ UserServiceModel serviceModel = await this._userService.GetUserById(id);
+
+ return new OkObjectResult(this._userMapper.Map(serviceModel));
 }
 
 //Update
@@ -62,7 +65,7 @@ namespace DevHive.Web.Controllers
 
 //Delete
 [HttpDelete]
- [Authorize]
+ [Authorize(Roles = Role.DefaultRole)]
 public async Task Delete(Guid id)
 {
 return await this._userService.DeleteUser(id);
-- 
cgit v1.2.3
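Review bot: The "public info only" guarantee in GetById rests entirely on the AutoMapper destination type and its profile, neither of which is visible in this hunk; AutoMapper copies same-named members by convention, so a field later added to both UserServiceModel and the web model (a password hash, an e-mail address, roles) would be serialized to callers with no change to this action. I would map to a response type that lists only the public fields and pin it with a test asserting that this endpoint's JSON contains no credential or contact fields. The action carries only `[HttpGet]` in the visible lines, so unless the controller has a class-level `[Authorize]` it looks callable anonymously with any GUID; if that is intended, say so with a comment such as `// Anonymous by design: returns the public profile only`. What GetUserById does for an unknown id is not shown here; if it can return null, the mapped null would be wrapped in a success response instead of a 404.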
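Review bot: The role check added on Delete does not tie `id` to the caller: in the visible lines any authenticated user holding `Role.DefaultRole` can pass another account's GUID and the request goes straight to `DeleteUser(id)`. If DefaultRole is the role every registered user receives (the name suggests so, but its definition is outside this diff), the attribute is no stricter than the `[Authorize]` it replaces. Unless the service performs the ownership check itself, compare the route id with the caller's identity before deleting, e.g. `if (!Guid.TryParse(this.User.FindFirstValue(ClaimTypes.NameIdentifier), out Guid callerId) || callerId != id) return new ForbidResult();`; which claim carries the user id depends on how the token is issued and is not shown here. Delete's body continues past the end of the hunk.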